Oracle MySQL CVE-2022-1292 is high and only resolved through 8.0.30
When can this version be expected?
Will commercial scanners detect this vulnerability?
1 Like
I haven’t seen a response here. This is a high risk patch that needs to be distributed ASAP. Please provide status.
2 Likes
Hi,
It is fixed in Oracle MySQL 8.0.30 and will thus be fixed with Percona Server for MySQL 8.0.30 when it is released, which will be in the coming weeks.
I appreciate that, but I do need a target date that I can report back to our security team. Our organization policy is that any HIGH findings must be corrected in 90 days or less.
1 Like
I understand, probably someone from the development team will see the question and give a more accurate answer on the dates.
Still no response from @DevTeam?
1 Like
Hey @vincentp
The issue reported by oracle mostly connected to openssl version. So updating openssl to the latest version should solve it
1 Like
I see that 8.0.30 is still not released. Is there an estimate yet?
1 Like
@DebbieHunt the work is in progress but we don’t have the exact release date yet
1 Like